Sensor networks, for instance mobile wireless sensor and actuator networks (WSNs) are used in a wide range of applications. The size of such networks can vary from tens to several tens of thousands of nodes. Their nature can be very dynamic, i.e. the network topology may change over the time. The sensor nodes have to be very cost-efficient, so they typically have very limited resources like battery power, communication bandwidth, processing power, memory, and likewise.
Security services like confidentiality, authentication, integrity, and authorization are essential to applications like medical applications and ZigBee as required by applications such as patient monitoring or wireless control networks. However, due to the resource-constrained nature of the nodes, security methods based on asymmetric cryptography are generally considered inefficient or infeasible. Therefore, symmetric cryptography is usually applied to enable the required security services. The fundamental problem with symmetric cryptography, however, is key-distribution: how to establish shared secrets in nodes that need to communicate securely. This problem is particularly eminent in WSNs, because of their dynamic nature and possibly large size.
Thus, key pre-distribution methods have been proposed, wherein each of the sensor nodes is provided with a set of cryptographic elements prior to deployment. Once the nodes are deployed, the cryptographic elements enable them to establish common secrets on which to base the security services. Two trivial key pre-distribution methods are loading the same symmetric key in all nodes offering an optimal scalability, but minimal resilience, and providing a different key for every possible pair of nodes offering an optimal resilience, but minimal scalability.
As a consequence, it is proposed to use a method being a tradeoff of these two methods. However, when one node wishes to communicate with a further node, it needs to discover which encryption element is common to both nodes, by computing the composition of the further node set of elements and comparing this further set with its own set of elements. Depending on the number of different encryption elements in the set of encryption elements, and on the method for distributing the encryption elements to each node, this step of discovering the common encryption element may require a high computation power and a high memory capacity. As a consequence, this method is not adapted to sensor networks where nodes have a low capacity.